Information Security, as a function, sits at a great confluence of raw unfiltered data; perhaps more data about the enterprise than any other function of the organization. From state-based data such as vulnerability scan results, to event-based data such as IDS logs, we are collecting more and more information about the enterprise every passing day.